Chinese hackers went after aborted Potash deal

TORONTO • As Potash Corp. of Saskatchewan Inc. fought against a $40-billion hostile takeover attempt from Australian mining giant BHP Billiton Ltd. last year, hackers were attacking the computers of several Bay Street law firms representing both companies, looking for anything that might give their cyber masters an edge.

Daniel Tobok, president of Toronto-based digital security consultancy Digital Wyzdom Inc., said that cyber criminals who attacked the federal Department of Finance and the Treasury Board in February were after information related to BHP’s pursuit of the world’s largest potash producer. Believed to be based in China, the hackers targeted seven prominent law firms, one of which contracted Mr. Tobok’s firm to investigate.

He received the first complaints of “suspicious activity” in September of 2010, one month after BHP launched its bid for Potash, Mr. Tobok said in an interview Wednesday. His comments were first reported by CBC News on Tuesday.

Two months later, Ottawa scuttled the deal; exercising its right under the Investment Canada Act to block any transaction it deemed to be of “no net benefit” to Canada for only the second time in history.

Blake, Cassels & Graydon LLP, which represented BHP, and Stikeman Elliott LLP, which represented Potash Corp., were revealed by Mr. Tobok as the two primary targets of the attacks. Although both firms were adamant no sensitive data was compromised.

The gargantuan size of the deal meant all the relevant data would already have been public domain, begging the question of what those hackers were hoping to find.

“Besides the public figures, it is knowing the background, the players and the details that is really important to them,” said Gene McLean, Digital Wyzdom’s managing director and former chief security officer of Telus Corp.

“The colour around the deal is what would be really interesting because the facts are already known.”

Even the attacks against government departments levied months after Ottawa killed the deal could have been related to Potash, Mr. McLean said, as “no deal is dead forever.”

“Even if the deal was dead, knowing the colour could make for an extremely powerful bidding position in the future.”

China’s state-owned Sinochem Group was reportedly against the takeover, even allegedly hiring third parties to find ways of disrupting BHP’s bid. Yet it is worth noting hackers commonly hide their locations by routing their attacks through other computers or “proxies,” meaning the attacks could have originated anywhere with an Internet connection.